CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 0CVE-2013-5187
https://notcve.org/view.php?id=CVE-2013-5187
24 Oct 2013 — The Screen Lock implementation in Apple Mac OS X before 10.9 does not immediately accept Keychain Status menu Lock Screen commands, and instead incorrectly relies on a certain timeout setting, which allows physically proximate attackers to obtain sensitive information by reading a screen that should have transitioned into the locked state. La implementación de Screen Lock en Apple Mac OS X anterior a la versión 10.9 no acepta inmediatamente el menú Keychain Status de comandos Lock Screen, y en su lugar conf... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2013-5176
https://notcve.org/view.php?id=CVE-2013-5176
24 Oct 2013 — The kernel in Apple Mac OS X before 10.9 does not properly handle integer values during unspecified tty device operations, which allows local users to cause a denial of service (system hang) by triggering a truncation error. El kernel en Apple Mac OS X anterior a 10.9 no maneja apropiadamente los valores enteros durante operaciones de dispositivos tty no especificados, lo que permite a usuarios locales causar una denegación de servicio (cuelgue de sistema) disparando un error de truncado. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2013-5181
https://notcve.org/view.php?id=CVE-2013-5181
24 Oct 2013 — The auto-configuration feature in Mail in Apple Mac OS X before 10.9 selects plaintext authentication for unspecified servers that support CRAM-MD5 authentication, which allows remote attackers to obtain sensitive information by sniffing the network. La funcionalidad de auto-configuración en Mail en Apple Mac OS X anteriores a 10.9 selecciona autenticación sin cifrar para servidores no especificados que soportan autenticación CRAM-MD5, lo cual permite a atacantes remotos obtener información sensible mediant... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2013-5172
https://notcve.org/view.php?id=CVE-2013-5172
24 Oct 2013 — The kernel in Apple Mac OS X before 10.9 does not properly determine the output length for SHA-2 digest function calls, which allows context-dependent attackers to cause a denial of service (panic) by triggering a digest operation, as demonstrated by an IPSec connection. El kernel en Apple Mac OS X anterior a 10.9 no determina la longitud de salida para las llamadas a funciones SHA-2, lo que permite a atacantes dependientes de contexto causar una denegación de servicio (panic) disparando una operación de re... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2013-5190
https://notcve.org/view.php?id=CVE-2013-5190
24 Oct 2013 — Smart Card Services in Apple Mac OS X before 10.9 does not properly implement certificate-revocation checks, which allows remote attackers to cause a denial of service (Smart Card usage outage) by interfering with the revocation-check procedure. Los servicios de tarjeta inteligente en Apple Mac OS X anterior a 10.9 no implemente verificación de revocación de certificado lo que permite a atacante s remotos causar denegación de servicio interfiriendo con el proceso de verificación de revocacvión • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-5188
https://notcve.org/view.php?id=CVE-2013-5188
24 Oct 2013 — The Screen Lock implementation in Apple Mac OS X before 10.9, when hibernation and autologin are enabled, does not require a password for a transition out of hibernation, which allows physically proximate attackers to obtain access by visiting an unattended workstation in the hibernating state. La implementación de Screen Lock en Apple Mac OS X anteriores a 10.9, cuando la hibernación y autologin están activos, no requiere contraseña para salir de la hibernación, lo cual permite a atacantes físicamente cerc... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2013-5177
https://notcve.org/view.php?id=CVE-2013-5177
24 Oct 2013 — The kernel in Apple Mac OS X before 10.9 allows local users to cause a denial of service (panic) via an invalid iovec structure. El kernel de Apple Mac OS X anterior a 10.9 permite a usuarios locales provocar una denegación de servicio (panic) a través de una estructura iovec no válida. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2013-5191
https://notcve.org/view.php?id=CVE-2013-5191
24 Oct 2013 — The syslog implementation in Apple Mac OS X before 10.9 allows local users to obtain sensitive information by leveraging access to the Guest account and reading console-log messages from previous Guest sessions. La implementación de syslog en Apple Mac OS X anteriores a 10.9 permite a usuarios locales obtener información sensible utilizando el acceso a la cuenta de invitados y leyendo los mensajes del log de la consola de sesiones de invitado anteriores. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 0CVE-2013-5186
https://notcve.org/view.php?id=CVE-2013-5186
24 Oct 2013 — Power Management in Apple Mac OS X before 10.9 does not properly handle the interaction between locking and power assertions, which allows physically proximate attackers to obtain sensitive information by reading a screen that should have transitioned into the locked state. Administrador de energía en Apple Mac OS X anterior a la versión 10.9 no controla correctamente la interacción entre el bloqueo y las afirmaciones de potencia, lo que permite a atacantes físicamente próximos a obtener información sensibl... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2013-5189
https://notcve.org/view.php?id=CVE-2013-5189
24 Oct 2013 — Apple Mac OS X before 10.9 does not preserve a certain administrative system-preferences setting across software updates, which allows context-dependent attackers to bypass intended access restrictions in opportunistic circumstances by leveraging an unintended security configuration after the completion of an update. Apple Mac OS X anterior a 10.9 no preserva ciertos ajustes de sistema administrativos a traves de las actualizaciones de software, lo que permite a atacantes dependientes de contexto sortear re... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html • CWE-264: Permissions, Privileges, and Access Controls •